CVE-2025-21700: In the Linux kernel, the following vulnerability has been resolved: net: sched: Disallow replacing of child qdisc from
Summary
CVE-2025-21700 is a vulnerability in the Linux kernel's network packet scheduling system where a UAF (use-after-free, a memory error that lets attackers access freed memory) could be triggered by moving a child qdisc (queuing discipline, the Linux component that controls how packets are sent on a network) from one parent to another. The vulnerability allows privilege escalation through a sequence of commands that create conflicting parent-child relationships and cause memory corruption.
Solution / Mitigation
The patch prevents the vulnerability by disallowing the replacement of a child qdisc from one parent to another. As stated in the source: 'The semantics of "replace" is for a del/add _on the same node_ and not a delete from one node(3:1) and add to another node (1:3)... the patch takes the preventive approach of "disallow such config".' This means the system will now reject attempts to move a qdisc between different parents.
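The rule quoted above can be checked against existing `tc` scripts before a patched kernel starts rejecting them. The following is an added example, not code from the kernel or from the original page: a simplified model that tracks only `qdisc add/replace/del` lines. The function names and the sample script are constructed for illustration.

```python
import shlex

def _norm(tok):
    """Normalise a tc id ('10:', '1:0a', 'root') to hex 'major:minor'."""
    if tok == "root":
        return tok
    major, _, minor = tok.partition(":")
    return f"{int(major or '0', 16):x}:{int(minor or '0', 16):x}"

def find_reparenting_replaces(script):
    """Return (line, dev, handle, old_parent, new_parent) per re-parenting replace."""
    attached, findings = {}, []          # attached: (dev, handle) -> parent
    for no, line in enumerate(script.splitlines(), 1):
        words = shlex.split(line, comments=True)
        if words[:1] == ["tc"]:          # batch files omit the leading "tc"
            words = words[1:]
        if len(words) < 2 or words[0] != "qdisc":
            continue
        action, args = words[1], words[2:]
        opts = {"parent": "root"} if "root" in args else {}
        for key, val in zip(args, args[1:]):
            if key in ("dev", "parent", "handle"):
                opts.setdefault(key, val)
        if not {"dev", "parent"} <= opts.keys():
            continue
        dev, parent = opts["dev"], _norm(opts["parent"])
        if action in ("del", "delete"):  # deleting root drops the whole tree
            attached = {k: p for k, p in attached.items()
                        if k[0] != dev or (parent != "root" and p != parent)}
            continue
        if action not in ("add", "replace") or "handle" not in opts:
            continue
        key = (dev, _norm(opts["handle"]))
        old = attached.get(key)
        if action == "replace" and old not in (None, parent):
            findings.append((no, dev, key[1], old, parent))
            continue                     # rejected request: state unchanged
        attached = {k: p for k, p in attached.items() if (k[0], p) != (dev, parent)}
        attached[key] = parent
    return findings

# Constructed sample script (not taken from the advisory).
SAMPLE = "\n".join([
    "tc qdisc add dev eth0 root handle 1: htb",
    "tc class add dev eth0 parent 1: classid 1:1 htb rate 10mbit",
    "tc qdisc add dev eth0 parent 1:1 handle 10: fq_codel",
    "tc qdisc replace dev eth0 parent 1:1 handle 10: fq_codel limit 2048",  # same node
    "tc qdisc replace dev eth0 parent 1:2 handle 10: fq_codel",  # different parent
])
```

Each finding marks a line that asks for the cross-parent move the patch now disallows; a replace on the same node, such as line 4 of the sample, is not reported.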
Vulnerability Details
CVSS: 7.8 (high)
EPSS: 0.0%
Classification
Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-21700
First tracked: February 15, 2026 at 08:35 PM
Classified by LLM (prompt v3) · confidence: 95%